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AUTHENTICATION MECHANISM IS 
ACTIVATED WHEN USER ATTEMPTS TO 
GAIN ACCESS TO NETWORK STATION 
OR APPLICATION SERVER 



201 



HOST COMPUTER READS OFF BASIC 
DATA OR USER ID OF NET ENTRY 
APPARATUS, AND SENDS IT TO 
AUTHENTICATION SERVER 



202 



AUTHENTICATION SERVER SENDS OUT 
A RANDOM NUMBER TEST KEY TO 
THE NET ENTRY APPARATUS WITHIN 
A PRESET TIME, AND KEEPS A COPY 
OF THE TEST KEY 



NET ENTRY 
RECEIVED 
KEY WITH 
KEY, AND 
TEST 



APPARATUS ENCRYPTS A 
RANDOM NUMBER TEST 
AN EMBEDDED PRIVATE 
SENDS THE ENCRYPTED 
KEY BACK TO THE 



AUTHENTICATION SERVER 



FIG.2 



AUTHENTICATION SERVER RETRIEVES 
OWN COPY OF THE TEST KEY 
ADDS ENCRYPTION WITH A 
SYMMETRICAL PRIVATE KEY, AND 
COMPARES IT WITH THE RETURNED 

TEST KEY FROM THE HOST 
COMPUTER; AND THEN GENERATES 
A NETWORK KEY BY A DYNAMIC 
PROCESS IF THESE TWO TEST KEYS 
CORRES 



AUTHENTICATION SERVER ENCRYPTS 
A TOKEN WITH THE NETWORK KEY 
AND PASSES THE ENCRYPTED TOKEN 
TO THE HOST COMPUTER 



HOST COMPUTER RECEIVES THE 
ENCRYPTED TOKEN, AND ISSUES IT 
TO THE APPLICATION SERVER 
INTENDED TO GAIN ACCESS TO 



APPLICATION SERVER PASSES THE 
RECEIVED TOKEN TO THE 
AUTHENTICATION SERVER FOR 
VERIFICATION 




FIG. 3 
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AUTHENTICATION SERVER DECRYPTS 
THE RETURNED TOKEN 



AUTHENTICATION 
SERVER 
NOTIFIES THE 
APPLICATION 
SERVER THAT 
THE USER ID IS 
INVALID, IF 
THESE TWO 
TOKENS DO NOT 
MATCH 




AUTHENTICATION SERVER THEN 
NOTIFIES THE APPLICATION SERVER 

THAT THE USER ID IS VALID, IF 
THESE TWO TOKENS CORRESPOND 
WITH EACH OTHER 
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AUTHENTICATION PROCESS IS ENDED 



FIG. 4 
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